$URL is official, but not yet up to date.
SQUID-2022:1 - CVE-2022-41317
Information disclosure in cache manager
SQUID-2022:2 - CVE-2022-41318
Buffer overflow / memory leak in SSPI and SMB auth
Both are fixed in squid-5.7.
There is an outstanding bump request to 5.7 (https://bugs.gentoo.org/869968), but it is generic, created before these security issues were disclosed.
Thanks for reporting!
Not sure if zlogene will get to this, feel free to make a PR
(In reply to John Helmert III from comment #2)
> Not sure if zlogene will get to this, feel free to make a PR
Working on it, got changes locally, but I overhauled the whole thing, so having to test it out
The bug has been referenced in the following commit(s):
Author: Sam James <email@example.com>
AuthorDate: 2022-09-24 06:19:24 +0000
Commit: Sam James <firstname.lastname@example.org>
CommitDate: 2022-09-29 02:14:37 +0000
net-proxy/squid: add 5.7
Signed-off-by: Sam James <email@example.com>
net-proxy/squid/Manifest | 1 +
net-proxy/squid/squid-5.7.ebuild | 362 +++++++++++++++++++++++++++++++++++++++
2 files changed, 363 insertions(+)
The ebuild has changed a fair bit so won't rush to stable it just yet.